How to install Windbg and get your first memory dump

Install Windbg

Windbg is the tool for the ASP.NET support engineer. It is free and it's available at www.microsoft.com/whdc/devtools/debugging/default.mspx. The learning curve is steep to say the least, but if you're interested in finding out what is going on behind the scenes in your application, then Windbg is your new best friend. For information on how to configure windbg, please refer to the documentation. Pay special attention to the section concerning symbols.

There is an extension called SOS.dll that you will want to use. You'll find it in the framework directory so for Framework 2.0 look in "C:\Windows\Microsoft.NET\Framework\v2.0.50727". You might want to copy it into the same folder as windbg for easy access.

Get a memory dump

Windbg will allow you to either perform a post mortem analysis on a memory dump or to attach to a process during execution. I mainly deal with memory dumps, since it's a lot easier to request a single file from a customer rather than access to their server. Maybe I'll cover live debugging in another post, but for now we'll just look at dump files.

Vista

If you're running Windows Vista, then you can easily create a dump file from the task manager. Simply open up the "Processes"-tab, right-click the process you wish to dump and select "Create Dump File".

Adplus

For any other system or if you want to specify certain conditions I'd recommend using a script called adplus. It comes with the Windbg installation and is run from the command prompt. Adplus will take a number of arguments, but for basic operation there are two things you need to specify:

When to take the dump

The name or process ID of the process you wish to take a dump of

The dumps generated by adplus will be saved to a subfolder of the folder where you've installed windbg.

For example:

adplus -crash -pn w3wp.exe

This will generate a full memory dump right before any process named w3wp.exe terminates or recycles. This will also generate minidumps on all first chance exceptions.

adplus -crash -pn w3wp.exe -NoDumpOnFirst

Same as above, but without the minidumps.

adplus -hang -p 2960

This will immediately get a full dump of the process with ID 2960. Commonly used when the process has hung, or is generally unresponsive. Hence the name.

Advanced Adplus

If you're trying to pin down the cause of a specific exception, then you can use a config file. This is a sample config file that will create a full memory dump once a System.Runtime.InteropServices.COMException occurs. Simply copy the code below into notepad and save it as MyConfig.cfg.

As you can see you can easily adjust the config so that it gets a dump on any other exception. The dump will be saved in c:\dumps, so you should also make sure that this folder exists. When you're ready, run adplus with the following syntax:

adplus -c myconfig.cfg -pn w3wp.exe

Debugging through a Terminal Server session

If you don't have direct access to the server you need to either attach noninvasively or schedule the command you wish to run. This can seem a bit complicated, but there's a pretty good howto written in the knowledge base under the following article: http://support.microsoft.com/default.aspx/kb/323478

Great stuff! Thanks for sharing it, and also for the "Advanced Adplus" section in particular!

Couple of things which I think is worth mentioning is that you can’t take automatic dumps (u can connect to session 0, I believe though!) by using adplus.vbs if you are using Terminal Service to login to the problematic box and setting up a rule for crash.

adplus -crach -pn w3wp.exe -NoDumpOnFirst

Besides, in IMHO DebugDiag is doing a pretty good job these days because of its easy to use GUI.

Thanks for the feedback. Good point on including the information for Terminal Services. I’ve updated the post and linked to a good kb-article on the subject.

I corrected the typo too. Good catch! 🙂

DebugDiag is great, and I’ve used it quite a lot. I sort of swing back and forth between adplus and DebugDiag. For a while I preferred DebugDiag because of its friendly GUI, but right now I favor adplus. I guess it’s because I find it easier to send a few command lines to a client rather than a couple of screenshots.

I am trying to configure my windbg but unable to do so. I need your help regarding this. I am developing a web and using visual studio 2005 and framework 2.0. Please help me how to configure the windbg to debug my web application as we are facing problems with memory leak.

I have already installed windbg and copy and paste the sos.dll to the windbg folder according to mentioned above.